P2022-ND-024

? On February 11, 2021, the Organization became aware of a business email compromise.
? Two (2) employees of the Organization alerted it that some of their contacts had received a phishing email.
? Eight (8) Microsoft Office 365 accounts were found to have been compromised. Phishing emails were sent from an Organization corporate email address to some of its clients.
? The Organization reported there was no indication that its servers had been accessed.
? On April 6, 2021, intrusion alerts were triggered. An unauthorized third party gained access and certain personal information may have been exfiltrated.

File Type: pdf
File Size: 616 KB
Categories: 2022